What is claimed is: 



1. A method for registering a UE with an IMS so as to allow the 
UE to access, over a digital communication system, an IM service 
to which the UE is subscribed, the method including a step in 
5 which an S-CSCF of the IMS sends an AV request message (CM1) to 

an HSS, the method characterized in that it includes a step in 
which in response to the AV request message (CM1) , the HSS 
provides (31) in a AV request response message (CM2) a field 
indicating a list of substantially all services to which the UE 
10 is subscribed along with either information that allows 

establishing SAs for each such service or information that could 
be used as keying material or other input for other security 
Q mechanisms specific to each service. 

f|J 2. The method as in claim 1, further characterized in that in 

liSj responding to the AV request response message (CM2) , the S-CSCF 

«j* of the IMS adds (32) the information included in the AV request 

i>*j response message (CM2) to an authorization challenge message 

jJJ (SM4) and forwards it to an I-CSCF of the IMS. 

y 3. The method as in claim 2, further characterized in that when 

! I) 

2 0 the I-CSCF receives the authorization challenge message (SM4) , 

it forwards (33) it as a forwarded authorization challenge 
message (SM5) to a P-CSCF of the IMS, which parses (34) the 
forwarded authorization challenge message (SM5) , generates SPD 
entries and corresponding SAs for both P-CSCF and UE, inserts 
25 its SPD entries in its SPD and corresponding SAs into its SADB, 

and provides in an updated authorization challenge message (SM6) 
for the UE the SPD entries and corresponding SAs . 

4. The method as in claim 3, further characterized in that 
after receiving the updated authorization challenge message 

3 0 (SM6) , the UE inserts (3 5) the SPD entries into its SPD and 
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inserts the corresponding SAs into its SADB. 

5. The method as in claim 4, further characterized in that a 
register is kept for all services to allocate numbers used to 
derive keys for each service or part of a service. 

5 6. The method as in claim 5, further characterized in that the 

keys are an integrity key and a cipher key and are derived by 
applying a practically uni -directional mapping to an argument 
including the number allocated to the respective service or part 
of a service by the register being kept. 

10 7. A method for registering a UE with an IMS so as to allow the 

Q UE to access, over a digital communication system, an IM service 

to which the UE is subscribed, the method including a step in 
j'll which a P-CSCF of the IMS communicates to the UE an 

authorization challenge message (SM6) , characterized in that the 
1§ authorization challenge message (SM6) includes at least one SPD 

q entry and a corresponding SA derived by the P-CSCF from 

information provided to the P-CSCF indicating substantially all 
N services to which the UE is subscribed along with either 

'k- informat ion that allows establishing SAs for each such service 

2 0 or information that could be used as keying material or other 

input for other security mechanisms specific to each service, 
and the UE inserts (35) the at least one SPD entry into its SPD 
and the corresponding SA into its SADB, so that for a 
predetermined time any traffic between the UE and the P-CSCF is 
25 secure for the substantially all services to which the UE is 

subscribed. 

8. The method as in claim 7, further characterized in that a 
register is kept for all services to allocate numbers used to 
derive keys for each service or part of a service. 
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9. The method as in claim 8, further characterized in that 
the keys are an integrity key and a cipher key and are derived 
by applying a practically uni-directional mapping to an 
argument including the number allocated to the respective 
service or part of a service by the register being kept. 

10. A UE, characterized in that it is operative according to 
the method of claim 7 . 

11. A digital communication system having an IMS, characterized 
in that the IMS is operative according to the method of claim 1. 
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